Certificate of Competence in Zero Trust (CCZT) Questions and Answers
Question 17
For ZTA, what should be used to validate the identity of an entity?
Options:
A.
Password management system
B.
Multifactor authentication
C.
Single sign-on
D.
Bio-metric authentication
Answer:
B
Explanation:
Explanation:
Multifactor authentication is a method of validating the identity of an entity by requiring two or more factors, such as something the entity knows (e.g., password, PIN), something the entity has (e.g., token, smart card), or something the entity is (e.g., biometric, behavioral). Multifactor authentication enhances the security of Zero Trust Architecture (ZTA) by reducing the risk of identity compromise and unauthorized access.
References = Certificate of Competence in Zero Trust (CCZT) - Cloud Security Alliance, Zero Trust Training (ZTT) - Module 4: Identity and Access Management
Question 18
When kicking off ZT planning, what is the first step for an
organization in defining priorities?
Options:
A.
Determine current state
B.
Define the scope
C.
Define a business case
D.
Identifying the data and assets
Answer:
B
Explanation:
Explanation:
The first step in Zero Trust planning for an organization is to define the scope of the initiative. This involves determining which systems, networks, and data will be covered by the Zero Trust policies and what the specific objectives are. A clearly defined scope helps in prioritizing efforts, allocating resources effectively, and setting clear goals for what the Zero Trust implementation aims to achieve.
